package cc.wanforme.st.server.base.controller;

import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import cc.wanforme.st.server.biz.service.LoginService;
import cc.wanforme.st.server.vo.ResMessage;
import cc.wanforme.st.server.vo.base.RolePermissionVo;
import cc.wanforme.st.server.vo.login.LoginVo;
import cc.wanforme.st.server.vo.user.AdminTokenVo;
import cc.wanforme.st.server.vo.user.UserTokenVo;

@RestController
@RequestMapping("/base/u")
public class SimpleLoginController {

	@Autowired
	private LoginService loginService ;

	/** 管理员明文登录
	 * @param vo
	 * @param request
	 * @param response
	 * @return
	 */
	//@RequestMapping("/login")
	@Deprecated
	public ResMessage<AdminTokenVo> login(@RequestBody LoginVo vo, 
			HttpServletRequest request, HttpServletResponse response) {
		return loginService.login(vo, false, request, response);
	}
	
	/** 管理员密码登录
	 * @param vo
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping("/loginEnc")
	public ResMessage<AdminTokenVo> loginEnc(@RequestBody LoginVo vo, 
			HttpServletRequest request, HttpServletResponse response) {
		return loginService.login(vo, true, request, response);
	}
	
	@SuppressWarnings("deprecation")
	@RequestMapping("/curr")
	public ResMessage<Map<String, Object>> curr(HttpServletRequest request, HttpServletResponse response) {
		return loginService.currentPermession(request);
	}
	
	/** 获取当前登录用户的权限（不区分登录用户的类型，管理员和用户均可）
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping("/permissions")
	public ResMessage<List<RolePermissionVo>> permissions(HttpServletRequest request, HttpServletResponse response) {
		return loginService.tokenPermessions(request);
	}
	
	/** 当前登录的管理员信息
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping("/adminInfo")
	public ResMessage<AdminTokenVo> adminInfo(HttpServletRequest request, HttpServletResponse response) {
		return loginService.currentAdminInfo(request, response);
	}

	/** 当前登录的普通用户信息
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping("/userInfo")
	public ResMessage<UserTokenVo> userInfo(HttpServletRequest request, HttpServletResponse response) {
		return loginService.currentUserInfo(request, response);
	}
	
	/** 退出登录，不区分登录用户的类型
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping("/logout")
	public ResMessage<Void> logout(HttpServletRequest request, HttpServletResponse response) {
		return loginService.logout(request, response);
	}
	
	
	/** 普通用户明文登录
	 * @param vo
	 * @param request
	 * @param response
	 * @return
	 */
	//@RequestMapping("/signup")
	@Deprecated
	public ResMessage<UserTokenVo> signup(@RequestBody LoginVo vo, 
			HttpServletRequest request, HttpServletResponse response) {
		return loginService.signUp(vo, false, request, response);
	}
	
	/** 普通用户加密登录
	 * @param vo
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping("/signupEnc")
	public ResMessage<UserTokenVo> signupEnc(@RequestBody LoginVo vo, 
			HttpServletRequest request, HttpServletResponse response) {
		return loginService.signUp(vo, true, request, response);
	}
	
	@RequestMapping("/1")
	public String hello() {
		return "hello 1";
	}
	
	@RequestMapping("/2")
	@PreAuthorize("hasAuthority('test:permission')")
	public String hello2() {
		return "hello 2";
	}
	
	/** Note: 不支持角色权限的过滤， "hasRole('***')"
	 * @return
	 */
	@RequestMapping("/3")
	@PreAuthorize("hasRole('USER')")
	public String hello3() {
		return "hello 3";
	}
	
	
}
